Archive › Uncategorized

Hire a hacker to investigate you

Here’s a good article about someone who hired a a team of professional hackers to investigate himself. Their techniques and results are informative, though the article is a bit long.

http://pando.com/2013/10/26/i-challenged-hackers-to-investigate-me-and-what-they-found-out-is-chilling/

Comments Off on Hire a hacker to investigate you

Hackers spy on and taunt child with baby monitor

Make sure you change the default passwords and update the firmware on your network cameras and baby monitors. Recent security vulnerabilities have made camera takeovers much more common, and this is one of the creepier ones I’ve seen.

http://www.cnn.com/2013/08/14/tech/web/hacked-baby-monitor/index.html?hpt=hp_t2

Comments Off on Hackers spy on and taunt child with baby monitor

Government agency spends $2.75 million to remove malware

Here’s a good case of security taken to an unnecessary extreme. A government agency spent $2.75 million to destroy $170k of hardware because it was infected with malware. The malware apparently could have been removed with standard software methods, rather than destroying the hardware. The only thing that stopped them from destroying more hardware was that they ran out of money. Wow.

http://gizmodo.com/government-destroys-170k-of-hardware-in-absurd-effort-708412225

Comments Off on Government agency spends $2.75 million to remove malware

Skype not as private as you thought

The expectation from many users is that Skype conversations are private because they’re encrypted. This article shows that’s not the case, as Microsoft is able to examine at least some (or maybe all) of the content.

http://gizmodo.com/psa-your-skype-messages-arent-as-private-as-you-think-509012101

Comments Off on Skype not as private as you thought

Botnet attacks against WordPress

Attackers are directing botnets at WordPress sites, trying to guess their admin passwords. I recommend not using “admin” as your administrator name, making sure you have very strong passwords, and use the Limit Login Attempts plugin.

http://techcrunch.com/2013/04/12/hackers-point-large-botnet-at-wordpress-sites-to-steal-admin-passwords-and-gain-server-access/

http://wordpress.org/extend/plugins/limit-login-attempts/

Comments Off on Botnet attacks against WordPress

Security cameras vulnerable to attack

A large number of security cameras are vulnerable to an attack that allows unauthorized users to take control over them. If your cameras are behind a firewall or you don’t mind unauthorized people watching your cameras this isn’t as big a deal for you, but still something to be aware of.

http://www.forbes.com/sites/andygreenberg/2013/01/28/more-than-a-dozen-brands-of-security-camera-systems-vulnerable-to-hacker-hijacking/

Comments Off on Security cameras vulnerable to attack

How to quickly find out where a bit.ly link goes

Has someone sent you a bit.ly link that you suspect might be malicious, or do you just want to know where it goes before you click on it? Add a “+” to the end of the link and you’ll pull up an info page, then if it looks ok you can click on though.

Suspicious?
http://bit.ly/qPtLPW

Let’s find out.
http://bit.ly/qPtLPW+

Comments ( 2 )

Ruby On Rails security vulnerabilities

Do you use Ruby On Rails and the Action Pack framework? You should update your applications immediately. Significant vulnerabilities have been found, allowing theft of sensitive data, administrator access, and denial of service.

http://www.kb.cert.org/vuls/id/380039

Comments Off on Ruby On Rails security vulnerabilities

Legal issues in The Cloud

Here’s a good overview article for businesses considering moving their data to The Cloud, especially sensitive data with HIPAA and PCI requirements. Essentially your lawyer is your new best friend. Most of the Cloud providers’ contracts prevent you from holding them responsible if anything bad happens to your data, but your lawyer can change the equation in your favor by modifying the contract. Page 2 has some good starter Due Diligence questions to ask when you’re considering a move to The Cloud.

http://www.computerworld.com/s/article/9234134/Legal_concerns_curb_corporate_cloud_adoption

Comments Off on Legal issues in The Cloud

Social Network Safety Tips

Here’s a decent article from Microsoft on Social Network Safety. It covers things like being aware of how what you post could be used against you, not letting apps access your address book, using social networks at work, and talking to your kids about protecting themselves. For experienced techies it’s worth a quick read to refresh your memory, for everyone else it’s a good article you might want to forward to your friends and family.

http://www.microsoft.com/security/online-privacy/social-networking.aspx?sf4883013=1

Comments Off on Social Network Safety Tips